CRITICAL
Hangzhou Xiongmai Technology Co., Ltd
CVE published 2026-04-23
CVE-2025-65856
CVE-2025-65856 is a critical unauthenticated access issue in Hangzhou Xiongmai Technology Co., Ltd XM530 IP cameras. According to CISA’s advisory, the affected ONVIF implementation fails to enforce authentication on 31 critical endpoints, which can let remote attackers view sensitive device information and live video streams. The advisory was published on 2026-04-23, and the source material indicates the [truncated]